WHAT IS CLAIMED IS: 

1 . A method of enforcing encryption on a public wireless local 
area network, the public wireless local area network comprising: 

at least one access point for the wireless connection of corresponding 
user terminals; 

an authentication, authorization and accounting system; and 

at least one access control point for controlling access to the network, 

for Initiating an authentication, authorization and accounting procedure for an 

accessing terminal, and for providing an Internet access gateway 

functionality; the method comprising: 

authenticating a user terminal to the authentication, authorization and 

accounting system upon arrival in a service area of the public wireless local 

area network; 

requesting access to the Internet by the user terminal; and 
enforcing applications corresponding to the Internet access request of 
the user terminal to switch their traffic to an encrypting security service port. 

2. The method according to claim 1 , wherein the encrypting 
security service is the secure sockets layer or the transport layer security. 

3. The method according to claim 1 , wherein the enforcement is 
performed by a responsible access control point. 
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4. The method according to claim 1 , wherein the enforcement is 
performed by a responsible wireless local area network gateway. 

5. The method according to claim 1 , further comprising: 
retrieving information by the access control point from RADIUS 

messages which user terminals do not use a 802.1 1i encryption; and 

directing the traffic encryption enforcement only to the such identified 
user terminals. 

6. The method according to claim 1 , wherein the enforced 
applications are selected from a group comprising the hypertext transfer 
protocol for browsing the Internet, the Internet message access protocol 4, 
the post office protocol 3, and the simple mail transfer protocol. 

7. A system for enforcing encryption on a public wireless local 
area network, comprising at least one user terminal, and a public wireless 
local area network, which comprises: 

at least one access point for the wireless connection of a user 
terminal; 

an authentication, authorization and accounting sub-system; and 
at least one access control point for controlling access to the network, 
for initiating an authentication, authorization and accounting procedure for a 
user terminal at the authentication, authorization and accounting sub-system 
upon its arrival in a service area of the public wireless local area network, for 
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providing an Internet access gateway functionality, and for enforcing 
applications corresponding to an Internet access request of the user terminal 
to switch their traffic to an encrypting security service port. 

8. The system according to claim 7, wherein the encrypting 
security service is the secure sockets layer or the transport layer security. 

9. The system according to claim 7, wherein the access control 
point retrieves information from RADIUS messages which user terminals do 
not use a 802.1 1i encryption and directs the traffic encryption enforcement 
only to the such identified user terminals. 

10. An access control point network element for enforcing 
encryption on a public wireless local area network, comprising: 

means for controlling access to the network; 

means for initiating an authentication, authorization and accounting 
procedure for a user terminal at an authentication, authorization and 
accounting sub-system of the public wireless local area network upon arrival 
of the user terminal in a service area of the public wireless local area 
network; 

means for providing an Internet access gateway functionality; and 
means for enforcing applications corresponding to an Internet access 

request of the user terminal to switch their traffic to an encrypting security 

service port. 
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1 1 . The network element according to claim 1 0, wherein the 
encrypting security service is the secure sockets layer or the transport layer 
security. 

12. The network element according to claim 10, further comprising: 
means for retrieving information from RADIUS messages which user 

terminals do not use a 802.111 encryption; and 

means for directing the traffic encryption enforcement only to the such 
identified user terminals. 
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